Software Dark Factory Agentic Engineering Governance

Investor briefing

AI can create code faster than teams can safely absorb it.

Software Dark Factory does not replace AI tools. It gives AI-assisted delivery discipline before the PR exists, so scope, evidence, verification, risk, and handoff travel with the change. The wedge starts with a repo review: confirm suitability, install SDF Front Door where it fits, and run one bounded governed change while the customer team keeps review, merge, and deployment control.

Start investor conversation Download investor deck

Current stage: assisted V0, human-reviewed, controlled handoffs.

Why now

AI output is rising faster than the ability to govern it.

The urgent gap is not code generation. It is reviewable, evidence-backed control.

AI-assisted coding increases output — but it also increases review burden, evidence gaps, ownership ambiguity, and delivery risk. Teams can generate more AI-assisted work than they can safely govern, review, and trust.

AI adoption is moving from usage to yield. The question is no longer how much AI the team used; it is what the usage produced, whether the work can be reviewed, and whether ownership remains clear.

Software Dark Factory starts where that risk becomes concrete: the repo, the PR, the test suite, and the delivery workflow.

Why SDF is different

SDF governs the work around the agent before, during, and after delivery.

Agent tools produce code. CI and code quality tools check code after it exists. Engineering analytics explains what happened afterwards. SDF helps govern the work before and during delivery, then preserves handoff context after the PR.

The strategic edge is risk-scaled governance: the review gate stays constant while evidence depth adapts to the work. Scope, acceptance criteria, playbooks, run logs, dependency decisions, hidden critical domain checks, verification truth, and work-item evidence travel with the change.

SDF evidence is not throwaway PR paperwork. Each governed change leaves a bounded record future humans and agents can reuse instead of starting cold. The Research Lab compounds learning across real repos, local and cloud agents, providers, models, reasoning modes, PR shapes, verification boundaries, and reviewer surfaces.

That view comes from John owning the full SDLC in startup environments for 20+ years. The founder memo carries the fuller story; the short version is simple: the goal is agentic speed with engineering quality and control.

Read founder memo

Problem and buyer pain

Engineering leaders own the delivery risk even when AI writes the code.

CTOs, VPs Engineering, and technical founders are being pushed to adopt AI coding while still owning review quality, production risk, customer trust, and accountability.

SDF is on the side of the people carrying that responsibility: engineers asking agents to do the work, reviewers deciding what is acceptable, and leaders accountable for what ships.

The risk does not live only in the diff. It hides in entitlement rules, commercial promises, IP and licensing boundaries, operational ownership, provider coupling, and approval authority — none of which an AI agent can see.

  • More output reaches review — with less human context behind it.
  • Agent-written changes need evidence, not just confidence.
  • Review gates, ownership, and model usage become invisible.
  • Teams need a path that makes AI delivery safer — not one that pretends it already is.

The wedge

Repo review converts interest into proof.

Software Dark Factory starts with an assisted repo review. If the repo is suitable, SDF Front Door is installed and one bounded governed change creates the first proof surface.

That first governed change is the practical continuation: useful enough to matter, bounded enough to review, and controlled by the customer.

The path produces useful proof: reviewable PRs, verification evidence, handoff context, retained delivery records, and a clearer case for whether SDF should become part of the customer's ongoing workflow.

  • Repo suitability review creates the entry point
  • Front Door install happens where the repo fits
  • One bounded governed change creates controlled outcome proof
  • Governed PR proof creates useful work and review evidence
  • Customer-specific playbooks and operating-model work adapt the method locally
  • Ongoing governance and adaptation support are separately scoped expansion paths

Mechanism

The assessment becomes the front door to governed delivery.

The Assessment Packet is the handoff between intent and governed action — a structured document capturing repo context, constraints, suitability evidence, risks, candidate changes, and the safe first governed change path. It helps the review move from discussion to evidence-backed delivery without granting automated access, triggering hosted scanning, or mutating a customer repo.

Product loop

Request to governed delivery path

Assisted V0
1

Start repo review

A buyer starts with repo context and a controlled suitability conversation before install work happens.

2

Confirm suitability

The review explains observed surfaces, blockers, hidden boundary signals, risks, limits, and whether SDF Front Door is a fit.

3

Install Front Door

Where suitable, SDF Front Door is installed as a lightweight repo-local governance path without granting automatic execution authority.

4

Run one governed change

SDF runs one safe, bounded governed PR where suitable, producing useful work, verification evidence, review notes, customer-specific operating guidance, and retained delivery records.

Product path

Request, reviewed context, evidence review, safe first-change selection, and governed PR proof.

Proof so far

Current progress is visible and evidence-led.

Live GTM front door

Public site, assessment request capture, repo context handoff, confirmation flow, and revisit email path are all live and operational.

SDF Front Door dogfood

This GTM repo has migrated from the older Bootstrap-era setup to the lightweight SDF Front Door workflow, and current public changes now run through `.sdf` evidence and verification.

Controlled receiver proofs

Governed implementation proof has been demonstrated across controlled TypeScript/Vite and Rails/Campfire-shaped receiver proofs with handoff contracts, evidence trails, and delivery records.

Local and cloud agents

Short generic prompts have produced governed PRs across Codex local, Codex Cloud, Claude local, and Claude Code, keeping the proof focused on workflow repeatability rather than one tool.

Reviewer surfaces proven

PR-boundary and reviewer-surface checks have been exercised so governed work remains inspectable at the human review point.

Research Lab now public

The Research Lab is the credibility layer: dogfooding across agents, providers, models, reasoning modes, PR shapes, verification boundaries, and reviewer surfaces.

Expansion path

Each customer compounds from entry point to retained operating layer.

The customer journey starts with repo suitability. Where the repo fits, SDF Front Door is installed and one bounded governed change creates the first commercial proof point before a broader operating-model conversation.

Each engagement produces reusable patterns, receiver-safe templates, and proof surfaces that increase delivery leverage for the next engagement. Product learning is reviewed and packaged, not autonomous policy mutation.

Unknown fit → Repo review → Front Door install where suitable → One governed change → Customer operating layer → Ongoing governance support Known changes → Repo review → First governed change where suitable → Useful work → Review evidence → SDF adoption conversation

Why this team

Founder-market fit: governance from the full SDLC.

Software Dark Factory comes from 20+ years of hands-on startup engineering and from building real agent-first workflows in Explore.

The operating model was shaped through real product builds, public proof projects, and playbook-led engineering practice used under live delivery pressure.

Explore was the proof ground; Software Dark Factory productizes the governance layer extracted from that work.

Explore proof ground

Explore remains the original proof ground for agent-first workflow and product discipline.

View Explore

LinkedIn

Follow the founder's work on agentic engineering and full-SDLC governance.

Connect on LinkedIn

Business machine

The business machine: services-to-product path.

The early business runs assisted: repo reviews, Front Door installs where suitable, first governed changes, customer-specific operating-layer work, and scoped ongoing support.

Useful governed changes create proof without asking smaller teams to understand the full operating model upfront. Suitability-led adoption scales toward teams with enterprise governance complexity. Each engagement turns delivery evidence into retained memory, reusable patterns, handoff contracts, receiver-safe templates, and proof surfaces that compound toward a productized governance layer.

Business machine

Services-to-product ladder

Evidence-led
Founder-led authority Repo suitability review creates the entry point Front Door install happens where the repo fits One governed change creates controlled proof through evidence review, blocker classification, hidden boundary discovery, and governed PR evidence Governed PR proof turns the review into useful work and review evidence Customer-specific operating-layer work adapts the method to the buyer's stack, team, and risk profile Ongoing governance and adaptation support Future productized or licensed Front Door paths only where supported by product direction

Compounding cue

Each engagement should produce reusable patterns, assessment handoff contracts, playbooks, and proof surfaces.

Future compounding

Engineering is the first wedge because the evidence trail is immediate.

Governance defines the rules. Assurance proves they held.

Repos, PRs, CI, review gates, run logs, and delivery risk make the problem visible. If the governed-workflow model proves repeatable there, the same operating principle can extend into other knowledge-work functions later.

Explore the operating model thesis →

Investor materials

A compact briefing set.

Investor deck

The deck covers the market shift, engineering wedge, proof stack, current boundaries, product path, and investor ask.

Download investor deck

Assessment journey

High-level view of the repo review, Front Door install where suitable, one governed change, customer-specific operating layer, and optional support path without exposing full report artifacts.

View repo review journey

Founder memo

Short founder-market-fit memo connecting full-SDLC operating experience, Explore, and the governance thesis.

Read founder memo

The Operating Model

Quiet strategic reference on how governance can become a mission-led operating model without claiming that future layer is productized today.

Read the operating model

Stage discipline

Claim-bounded by design — not by limitation.

Trust has to be earned before it is automated. SDF V0 is deliberately assisted, handoff-first, and human-reviewed, with proof built in controlled delivery before any hosted or customer enforcement claim is made.

Productization follows proof. The boundary is part of the trust signal.

  • Assessment access is human-confirmed, not automatic.
  • Evidence collection is local and read-only by default.
  • No repo mutation, enforcement, or repair without explicit scope.
  • No continuous monitoring or production changes.
  • Productization follows proof — not the other way around.

The ask

Pre-seed capital, design-partner introductions, and sharp early advisors.

The immediate objective: prove repo reviews, Front Door installs where suitable, and first governed changes with early customers, productize the assisted journey, and package customer-specific operating-layer implementations with ongoing governance and adaptation support.

If you work with engineering-led companies and care about how AI delivery gets governed, this is the right conversation to have early.

Start investor conversation Download investor deck